Are you confident that you can still demonstrate compliance with UK GDPR, PECR and the latest ICO and NCSC guidelines?
Let us help you with our updated Data Protection Review, to give you the reassurance of a simple external assessment and a detailed report highlighting any areas for action.
You will benefit from:
- External assessment of your data protection compliance
- Comprehensive report with prioritised recommendations for action
- Based on the ICO Accountability Framework
- Now including cyber security recommendations from the National Cyber Security Centre
- Led by a data protection professional committed to the non-profit sector with experience of IT, governance and fundraising
The review can be conducted remotely, in person or using a hybrid approach.
It will enable you to benchmark your compliance against ICO and NCSC standards and the comprehensive report with its prioritised recommendations will identify areas to work on, with cost effective recommendations.
As standard the Data Protection review will cover:
- Privacy notice
- Data protection policy and IT/BOYD/remote working security policy
- DSAR and other data subject rights procedures, including how to validate someone’s identity
- Data breach prevention and procedure
- Consent and lawful basis for processing
- Processor contracts
- Records of Processing Activities / Information Audit
- Staff and volunteer induction and ongoing training
- Email marketing
- Transferring of data
- Brexit implications
- Retention of personal data
- Use of DPIA’s
- Use of sensitive personal data
- Being cyber aware
- Backing up your data
- Protection yourselves from malware
- Keep mobile devices safe
- Choosing and managing passwords
- Avoiding phishing attacks
The Data Protection review will be ideal for:
- Your non-profit Board – to give the comfort of external assurance
- Your DPO – to benchmark against the ICO and NCSC standards and to lend weight to recommendations
- Your nominated data protection person – working alongside a data protection professional who focusses on non-profits
The Data Protection review works for any size of organisation, with options to suit even the smallest budget.